<?php
namespace plugin\ky_shouyin\app\controller\admin;

use plugin\ky_shouyin\app\controller\BaseController as Controller;
use Webman\Http\Response;

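/**
 * Base controller for the ky_shouyin admin back-end.
 *
 * Provides the access check that admin controllers inherit: a request is let
 * through only when the session holds a user whose role is numeric and not 4,
 * or when the request path is one of the exact entries in $noAuthPaths.
 */
class BaseController extends Controller
{
    /**
     * Paths that may be requested without an authorised admin session.
     *
     * Entries are matched by exact string comparison against request()->path(),
     * so a path that differs in any way (a trailing slash, different case) is
     * not exempt and stays protected. Every entry is an unauthenticated
     * endpoint, so keep the list as short as possible.
     *
     * @var string[]
     */
    protected $noAuthPaths = [
        '/app/ky_shouyin/admin/account/login',
        '/app/ky_shouyin/admin/account/logout',
        '/app/ky_shouyin/admin/account/captcha/login'
    ];

    /**
     * Check whether the current request may use the admin back-end.
     *
     * @return Response|null A denial response (JSON for AJAX requests, otherwise
     *                       a redirect to the cashier page), or null when the
     *                       request is allowed to proceed.
     */
    protected function checkAuth()
    {
        // Read the logged-in user from the session.
        $user = session('user');

        // Fail closed: a session user without a usable numeric role is denied.
        // Casting a missing or malformed role to int would give 0, which is not
        // 4 and would therefore have been treated as authorised.
        $role = $user ? ($user['role'] ?? null) : null;

        // NOTE(review): role 4 is presumably the front-desk/cashier role, given
        // the redirect target below; confirm. This is a deny-list, so every
        // other numeric role (including roles added later) gets admin access;
        // an explicit allow-list of admin roles would be the safer design.
        $mayUseAdmin = is_numeric($role) && (int)$role !== 4;

        // Strict comparison keeps the exemption list an exact string match.
        if ($mayUseAdmin || in_array(request()->path(), $this->noAuthPaths, true)) {
            return null;
        }

        // AJAX callers get a JSON body. The HTTP status stays 200 and the denial
        // is carried only by "code": 403, so clients, proxies and log-based
        // monitoring have to inspect the body to see a refused request.
        if (request()->isAjax()) {
            return new Response(200, ['Content-Type' => 'application/json'],
                json_encode(['code' => 403, 'msg' => '无权访问']));
        }

        // Every other request is sent to the cashier front page.
        return redirect('/app/ky_shouyin/front/cashier/index');
    }

    /**
     * Pre-dispatch hook that runs the access check.
     *
     * NOTE(review): this protects an action only if the dispatcher (framework
     * or middleware) calls beforeAction() before the action and short-circuits
     * on a non-null return; confirm that wiring exists for every admin route.
     *
     * @return Response|null The denial response from checkAuth(), or null to
     *                       continue with the requested action.
     */
    public function beforeAction()
    {
        $denied = $this->checkAuth();

        return $denied instanceof Response ? $denied : null;
    }
}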